A Better Software Management System

By Jason Brooks |
Posted 2009-04-10

SUSE Linux Enterprise Server 11 Is (Almost) All Things to All Companies

Setting out to be all things to all people is generally a bad idea,
since you're likely to end up leaving everybody at least a bit
disappointed. However, Novell's SUSE Linux Enterprise Server 11's
readiness to serve a broad range of hardware and application masters is
arguably more virtue than vice.

After all, OS platforms are expected to bring together an
organization's equipment and code to shoulder a diverse assortment of
workloads. And, judged by the breadth of the roles it attempts to take
on, SLES 11 meets those expectations. For example, while the platform
continues to serve its traditional role as host for Linux and
open-source applications, Novell has included SLES 11 support for
Microsoft .NET applications, as well.

Along similar lines, SLES remains focused on delivering
virtualization hosting through its bundled Xen hypervisor, and on
providing enhanced application isolation through Novell's AppArmor
functionality, but the platform also now includes experimental support
for archrival Red Hat's KVM hypervisor and SELinux security framework.

However, all of SLES 11's people-pleasing doesn't come without a
cost. When taken individually, and compared with more narrowly focused
rivals, certain SLES 11 roles tend to disappoint. In particular, given
the time that's elapsed since I reviewed the virtualization
capabilities of 2006's SLES 10, I had expected that SLES 11 would have
drawn closer to the streamlined deployment experience of VMware's ESX
Server or Citrix's XenServer.

More promising are the steps that Novell has been taking toward
making SLES a better guest for virtualization. These include offering
an installation option for the product that results in a slimmed-down
server instance that does away with unnecessary hardware drivers and
includes a kernel that takes advantage of VMware's VMI (Virtual Machine
Interface).

Also, Novell has partnered with rPath to create SUSE-based virtual
appliances, in addition to Novell's in-house efforts around the
appliance-building OpenSUSE Studio project.

Somewhat counter-balancing the feature-set ambitions of SLES 11 are
the modular support options that Novell has built into the product.
SLES 11's Mono hosting capabilities are sold as a separate extension at
a cost of $200 per server. Similarly broken-out extensions are
available for adding high-availability support and real-time
performance capabilities to the platform.

The SLES 11 Mono extension contains a newer version of the
open-source implementation of Microsoft's .NET Framework than what
ships by default in SLES (Version 2.4 versus 2.0.1). The
extension is intended for hosting .NET server workloads and may be
upgraded independently from the rest of SLES as new Mono versions
become available. (For more on running .NET applications with Mono, see
Jeff Cogswell's analysis.)

Also on the topic of support, Novell has integrated into the
system's software management toolset information about the support
level that customers can expect for the various components that ship
with SLES 11. For example, the packages for experimentally offered
SELinux and KVM functionality are marked as "unsupported," while a
package I installed from SLES sister distribution OpenSUSE was marked
with a support level of "unknown."

Along similar lines, SLES 11 includes a tool, called suse-sam
(Supportability Analysis Module) that I could use to scan my system and
determine whether it was in a supportable state. This sort of utility
will grow more important as Novell and other Linux vendors work to
squeeze their distributions into new shapes--such as virtual
appliances--while preserving their application and hardware
certifications.

A Better Software Management System

Speaking
more broadly, sites upgrading to SLES 11 from SLES 10 should be
pleasantly surprised at the software management system that graces the
new version--it performs much better than the framework that shipped
with Version 10. The newer system is still based on RPM, but now
includes the back-end tool zypper, which, across a few years of
OpenSUSE releases, had the opportunity to mature into a very effective
software management tool. (See my recent OpenSUSE 11.1 review here.)

Another system management feature that caught my eye during my tests
of SLES 11 was the system's PolicyKit system rights management
framework, which restricts various activities on SLES 11, including
mounting and unmounting removable media, as well as restarting the
system. When running SLES 11 in graphical mode as a limited rights
user, PolicyKit prompted me for an administrative password before
carrying out these operations. Alternatively, I could dole out rights
to myself or another user from a PolicyKit configuration tool.

Novell's use of PolicyKit is a step in the right direction, but I'd
like to see the framework extended to cover the operations included in
SUSE's suite of system management tools, Yast. For now, Yast modules
prompt for a password but lack the rights management controls that
PolicyKit makes available.

SLES 11 is available in versions for the x86, x86_64, Itanium and
IBM PowerPC and zSeries processor architectures. I tested the 32-bit
version of SLES from a virtual machine with 1GB of RAM hosted by Sun's
VirtualBox desktop virtualization application. I tested the x86_64
version of SLES 11 on a dual-core AMD Athlon64 server with 4GB of RAM,
as well as on a paravirtualized virtual machine hosted under SLES 11's
Xen hypervisor.

SLES 11 is sold by subscription, with pricing that differs based on support level and processor architecture.

For x86 and x86_64 architectures, subscriptions range from basic
plans that include 30 days of telephone and e-mail-based support and
cost $349 per system to priority subscriptions that cost $1,499 per
system and include 24/7 telephone and e-mail support over the full
support term.